package com.lx.security.demo.controller;

import jakarta.annotation.security.RolesAllowed;
import org.springframework.security.access.annotation.Secured;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @author lX
 * @version JDK 8
 * @className IndexController (此处以class为例)
 * @date 2024/12/4
 * @description TODO
 */
@RestController
public class IndexController {

    @GetMapping("/")
    public String home(){
        return "home page";
    }

    @GetMapping("/index")
    public String index(){
        return "index";
    }


    @GetMapping("/index2")
    public String index2(){
        return "index2";
    }

    @GetMapping("/user/index3")
    public String index3(){
        return "index3";
    }

    @GetMapping("/order/index4")
    public String index4(){
        return "index4";
    }


    @GetMapping("/index5")
    @RolesAllowed({"admin"})
    public String index5(){
        return "index5";
    }


    @Secured("user")
    @GetMapping("/index6")
    public String index6(){
        return "index6";
    }

    @GetMapping("/findUserById")
    @PreAuthorize("hasRole('admin') and #id<10 ")
    public String findById(long id) {
        //TODO 查询数据库获取用户信息
        return "success";
    }
}
